Integrating CyberSource and Salesforce using Chargent

Connect CyberSource and Salesforce with Chargent

See all CyberSource transactions, manage refunds, send payment links and more, all inside Salesforce with Chargent, the top rated payments app on the Salesforce AppExchange.

Not yet a Chargent customer?

Contact us for a no-obligation 30 day trial, and see for yourself!

Learn More


CyberSource is a global payment gateway and a pioneering company in eCommerce, having gotten its start back in 1994 focused on large merchants. In addition to its own payment gateway, in 2007 it acquired, the leading US small business payments provider.

The CyberSource payment gateway works in over 190 different markets worldwide, in 20 different currencies, and provides a single connection to over 40 banks / payment processors on the backend.

Now that CyberSource is integrated with Salesforce through the Chargent Payment Processing application, you can take advantage of all the payment acceptance capabilities of CyberSource, right in your Salesforce CRM system.

Install a free 30 day trial to see for yourself, or contact us for more information about Chargent and its CyberSource / Salesforce integration capabilities.

Installation and Configuration

  1. Install both the Base Package and the Chargent Orders Transaction Package of Chargent into your Salesforce org.
  2. Configure Chargent according to the Quick Start Guide.

For Chargent versions prior to 5.57 you may need to activate the Remote Site Settings in Salesforce if they aren’t already active for CyberSource.

  • Click the gear icon on the top right and select Settings
  • Under Security select Remote Site Settings
  • Locate CyberSourceLiveA and click edit
  • Check the Active box
  • Click Save
  • Do the same for CyberSourceTestA
  1. Get a CyberSource test account
CyberSource gives you two accounts / logins. Account Admin and Merchant Admin. The Account Admin account is the master Account for a specific Merchant ID, and is not used for this integration.
    • Click on the links in an email you received to confirm and create usernames and passwords for both accounts.
    • We are using the credentials from the second account, the Merchant Admin
    • Your Username and Merchant ID can be the same.
  1. Get a Transaction Security Key
    • Log into the CyberSource Test Business Center using your new credentials
    • From the left panel select Payment Configuration
    • Select Key Management
    • Click Generate Key
    • Select SOAP Toolkit
    • Click Generate Key on the bottom
    • Use the ‘Copy this one time key’ icon on the right to copy the key to your clipboard
Cybersource Cybersource



Add a CyberSource Gateway record in Salesforce using Chargent’s Gateway Wizard.

  1. Click on the App Launcher on the top left side in Salesforce.
  2. Select Chargent as the App
  3. Select the Chargent Settings Tab
  4. Choose Chargent Setup Wizard
    chargent seetings
  5. Do you have a Payment Gateway account – Select Yes
  6. Select CyberSource as your Payment gateway.
  7. Select Test Transactions for testing in Sandbox or Live Transactions if you are looking to process real time payments.
  8. Follow the prompts to configure your gateway.

You will need the following information:

  • Add your credentials based on your Sandbox (Test) or Production Live CyberSource account.
    • User Name: This is your CyberSource Merchant ID
    • User Password: Password (for Merchant Admin account, not Account Admin)
    • Transaction Security Key: Transaction Security Key You copied from CyberSource in the Installation and Setup of CyberSource section above.

Other information that will be asked:

  • What currency will you be using? (USD, CAD, etc..)
  • What payment methods will you be accepting?
  • Credit cards and/or ACH (electronic check)
    • What Credit Card types will you be accepting? (Visa, Mastercard, etc…)
  • Payment Console Setup (Premium feature for Platform Edition)
    • Show Charge Button
    • Show / Create Update Token Button
    • Show Authorize Button

Direct Debit Network

Starting with Chargent version 6.15, you can now select the Bank Account network for your region during the gateway setup process. Cybersource uses the ACH Network. This will allow for the correct Direct Debit Network fields to be displayed on Payment Requests and Payment Console based on your region.

You should choose ACH – US as the network. ACH is also known as echeck or electronic check.

Select the Payment Methods You Accept

Once you have your Direct Debit Network set, you will see the appropriate field names on your Payment Request that are sent as well as your internal Payment Console.

Payment Request Bank Account

Testing using Chargent Anywhere

Testing with Payment Console

To test using the Payment Console, you want to navigate to any record in your Sandbox that has the Chargent Anywhere Component enabled.

  1. Click the [PaymentConsole] button
  2. If you are using multiple gateways select your gateway from the dropdown otherwise continue to step 3
  3. Enter all the Billing Information and click [Next]
  4. Enter in a test credit card number, expiration date, and CVC code based on the Cybersource test credit cards below. If you are testing ACH you can use the Cybersource Bank Account test numbers.
  5. Click the [Charge] button.

You should receive a green box showing Approved.


Testing using Payment Request

To test using a Payment Request you want to be sure you have the Chargent Payment Request feature set up as outlined in our documentation.

  1. Click the [Send Payment Request] button
  2. If you have multiple Payment Request templates set up you will first choose what template you want to use.
  3. Enter an email address where you want to send the test Payment Request along with any amount.
  4. Enter a Contact name (Optional)
  5. Click the [Send Request] button

Send Payment Request

When you receive the email, click the secure link for the Payment Request. Use one of Cybersource Credit Cards or bank account testing numbers to complete the payform and submit the payment.

Card Bank Payment

You should receive a green box confirmation

Card Bank payment

CyberSource Test Credit Cards

  • CyberSource provides a number of test cards for testing purposes. Real Credit Cards should not be used for testing purposes.
Visa 4111 1111 1111 1111
MasterCard 5555 5555 5555 4444
American Express 3782 8224 6310 005
Discover 6011 1111 1111 1117
JCB 3566 1111 1111 1113


ACH Validation

The ACH Validation feature works with Lyon’s ACH Validation service to validate the bank account, and store the validation in your Salesforce Org. During your Gateway Setup you will authenticate your Lyon’s credentials and Chargent uses a referral relationship for all first-time transactions.

If you are not using Lyon’s ACH Verification you want to disable this.

If you are using Lyon’s ACH Validation you will enter the following credentials.

  • Company ID
  • Username
  • Password

Note: If you are testing in a Salesforce Sandbox or Developer account, you want to be sure to check the ‘Test Transactions Only’ box.

  1. Enabled: this setting will enable or disable the ACH Validation. 
  2. Company Id: The company Id in Lyons validation.
  3. Username: Username to log in Lyons validation.
  4. Password: Password to log in Lyons validation.
  5. Test Transactions Only: If this setting is checked, you will send all validations, through a test gateway.

In case you decide to turn off ACH Validation, you will see this warning message.

On the other hand, when you edit the gateway, in “Advanced Settings” you will see this new checkbox, Allow “No-Hit” Transactions.

A “no hit” ACH Validation Response is neither positive or negative. It indicates that ACH validation couldn’t be completed as this account is not listed in the reference database at this time.

On failure validation you will receive this message

New Behavior

NACHA validation, when enabled and correctly configured, applies to all Orders with Bank Account payment method and ACH as Bank Account type in the related gateway. 

The only exception to the above mentioned rule is for orders with already-approved transactions, with the same Account Number last 4; these Bank Accounts are treated valid without using the Lyons service.

In case that there was an error from Lyons service the transaction will continue as usual but this Bank Account will try to get validated again on the next transaction.

If the transaction doesn’t count with the necessary information to get validated because of the tokenization will count as a valid transaction, without the ACH validation.

Test ACH

Account Account 12345678
Routing Number 112200439

Order Source Field

The Order Source field can be set for ACH transactions. The below mapping of the Order Source field will send the corresponding SEC code to Cybersource when you Charge an ACH transaction.

Order Source (Chargent Order field) SEC Codes (Cybersource)
Corporate Cash Disbursement CCD
E-commerce WEB
Installment PPD
Mail ARC
Prearranged Payment and Deposit PPD
Recurring PPD
Recurring Mail ARC
Recurring Telephone TEL
Retail POP
Telephone TEL

Chargent now sends the CommerceIndicator for register token calls to the Cybersource gateway

Chargent logic maps the values in the ChargentOrder.OrderSource field to the CommerceIndicator value in the Cybersource SOAP API.

Here is the current mapping from Order Source to CommerceIndicator:

Order Source Token CommerceIndicator
ecommerce No Token internet
recurring No Token recurring
Telephone No Token moto
Mail No Token moto
Installment No Token recurring
Corporate Cash Disbursement No Token not sent
Retail No Token not sent
Prearranged Payment No Token not sent

Understanding Cybersource Test Responses

Test responses are dependent upon the Charge Amount field, Credit Card Information, and Expiration Date fields in Salesforce.

  • Response Status in the Salesforce transaction record will equal ACCEPT for successful transactions, REJECT for declined transactions, ERROR for failed transactions
  • Reason Codes in the Salesforce transaction record will be 100 for successful transactions, otherwise they will vary according to the error they are supposed to simulate
  • Gateway ID in the Salesforce transaction record (which corresponds to CyberSource’s RequestID) will vary and are incremented automatically across all merchants.General Testing Responses:
Field Input Response
Charge Amount field is greater than 1 Successful transaction
Charge Amount field is less than 1 Rejection: Invalid data – Invalid Amount less than $0
Charge Amount field is 100,000,000,000 Rejection: Invalid data – Invalid Amount; amount too large
Charge Amount field is Blank Rejection: Missing required fields = Empty credit card number
Credit Card Number is 4111111111111112 Rejection: Invalid account number. Request different card or other form of payment.
Credit Card Number is 412345678912345678914 Rejection: 21-digit credit card number
Expiration Month 13 Rejection: Invalid expiration month
Expiration Year 1998 Rejection: Expiration date passed

If you are looking for specific responses for your payment processor, they are listed here:

For additional information about a particular error, you can view the details in the test Enterprise Business Center (in addition to the Chargent Transaction record in Salesforce).

See Cybersource Reason Codes for additional Responses.

Sending Live Transactions from a Salesforce Sandbox

When Chargent is installed in a Salesforce Sandbox, transactions are typically sent to the payment gateway’s test / sandbox / development environment, regardless of whether Chargent’s Test Endpoint checkbox is checked. This is done as a security precaution, to prevent real transactions from being accidentally sent from a Salesforce Sandbox.

When Chargent is installed in a production or developer Salesforce org, checking the Test Endpoint checkbox on the Gateway record will route transactions to the test environments provided by the gateway.

Note: Some gateways use the same endpoint for live and test environments. For these gateways, the Chargent application does not prevent live transaction processing. As such, it is best practice to deactivate your live gateway records in orgs used for testing.

If you wish to send live transactions from a Salesforce Sandbox, as a final step in testing, simply use Chargent’s Endpoint Override field on the Gateway record, and enter the production endpoint of your chosen gateway there.

Here is the production endpoint URL for Chargent’s integration with CyberSource

Note that the full endpoint URL must be entered in the Endpoint Override field, and the domain must be present in the Remote Site Settings (for standard Chargent integrations it should be already present).

Going Live

Once you have completed a number of test transactions, you may wish to complete additional customizations to Salesforce to support CyberSource payments, such as automated workflows driven by payments, any reporting requirements, user interface optimizations, etc.

To process real payments with CyberSource, you will need to migrate your Evaluation account to a Production system, and update your Merchant ID status.

Please contact your local Sales Representative to go live with real transactions with CyberSource, if you don’t already have a live account.

In terms of configuring Salesforce to go live, simply do the following:

  1. Deactivate the CyberSource Test gateway record in Salesforce by unchecking the Active checkbox
  2. Click save
  3. Create a new CyberSource live gateway record in Salesforce, either using the Gateway Wizard or using the steps in versions prior to 5.40.

You should test a live transaction with a real credit card, just to make sure everything is working smoothly (test cards above will not work in the live environment).

Run small dollar amount transactions, and VOID them immediately after, to minimize any impact Using your own or company credit cards for live tests is recommended, as customers could still see notifications of a charge even if voided

Note that Transaction fees are incurred in the live environment, so any testing should be kept to a minimum.


CyberSource offers the ability to store customer payment profiles, eliminating account numbers and other sensitive payment data from your Salesforce account. This lowers the scope of your PCI compliance efforts and ensures that your customer’s sensitive information is not compromised in the event of a security breach.

CyberSource stores your customer’s information and replaces it with a unique identifier or token, known as a profile ID. Chargent then stores the profile ID in the Token field in Salesforce, to be used for future payments.

The CyberSource profile ID, also known as the payment token, identifies the credit card as well as the associated billing, shipping, and card information of a customer.

Chargent can automatically delete credit card and account numbers from Salesforce upon a successful transaction and creation of a token, or the optional Payment Console feature available in the Platform Edition of Chargent can create CyberSource tokens without ever saving sensitive data to the Salesforce database.

Please contact us for additional information on security and PCI compliance options for Salesforce.

To enable CyberSource Tokenization for Payments in Salesforce:

Ensure that Tokenization is enabled for your account by CyberSource.

  • Check the Use Tokenization checkbox in the Chargent Gateway record you have set up for CyberSource
  • Set the Credit Card Handling field (unless you are using Payment Console)
    • Never Clear: Chargent will not remove any card data automatically.
    • Clear After Successful Charge: Chargent will clear the credit card number, expiration dates and card security code only after a successful charge is run.
    • Clear After All Transactions: The credit card number, expiration date and card security code will be erased after any transaction (Charge, Void, Refund)
    • Clear When Token Present (Recommended): Only when a token is present in the token field, will the credit card number, expiration date and card security code be cleared.

The CyberSource token is stored in Chargent’s Token field in Salesforce after your first successful transaction, and the credit card fields are handled as you specified in the preceding step

Sending Unlinked Refunds (stand-alone credit)

Note: Stand-alone credits need to be enabled by Cybersource prior to using this feature in Chargent.

Chargent gives you the ability to process Uninked Refunds. Unlinked Refunds allow you to send money to a credit card that is different from the one used in the initial charge.

To send an Unlinked Refund you need two things to happen.

  1. Disable Tokenization temporarily
  2. Enable your Gateway Record to Allow Unlinked Refunds.

To Disable Tokenization

  1. Click the App Launcher and select the Chargent App
  2. Click the Gateways tab and select the Cybersource name.
  3. Click the [Edit] button then Advanced Settings
  4. Uncheck the Tokenization checkbox
  5. Click the [Save] button

To Enable Unlinked Refunds

  1. Click the App Launcher and select the Chargent App
  2. Click the Gateways tab and select the Cybersource name.
  3. Click the [Edit] button then Advanced Settings
  4. Check the box that says Allow Unlinked Refunds
  5. Click the [Save] button

Note: Allow Unlinked Refunds may need to be added to the Page.

Sending an Unlinked Refund using a new Chargent Order Record:

  1. Click the App Launcher and select the Chargent App
  2. Select Chargent Orders tab and press the [New] button
  3. Fill in the following fields
    • Charge Amount – Amount of the Refund
    • Manual Charge – This locks in the amount in the Charge Amount field, otherwise this field will revert to the Subtotal+Shipping+tax.
    • Billing Information (First Name, Last Name, Billing Address, Billing City, Billing State, and Billing Country). Billing Country is required.
    • Credit Card information including Card Number, Expiration Date, and CSC. Because you are not using the initial transaction, tokens will not work and you will need to have the complete credit card information.
    • Click the [Refund] button

Field Mapping

Here are some relevant fields and their mappings between the Chargent software in Salesforce and the CyberSource system.

Salesforce Direction CyberSource
Gateway ID < Request ID
PO Number > User PO
Salesforce record ID (of Chargent Order, Opportunity, or Case) > Your Reference Number

Custom Mapping Feature

Chargent’s CyberSource Custom Mapping feature allows to you send values from almost any fields on the Chargent Order object to the CyberSource gateway using CyberSource’s Merchant Defined Data fields.

The feature is purely optional and not required for processing Cybersource payments. It is designed to send up to 20 fields in a request. Any Chargent Order can be selected – both from fields from the Chargent package or any custom field.

Note: Cybersource doesn’t allow the sending of personally identifying information to Merchant Defined Data fields: name, address, credit card number, etc. (see details)

  1. To open the configuration page, navigate to Chargent Settings tab and open the CyberSource Custom Mapping sub-tab: (App Launcher > Chargent > Chargent Settings > CyberSource Custom Mapping)
    chargent orders
  2. Select the object in the picklist at the top of the page (normally Chargent Orders, unless you are using the legacy Opportunity or Case packages).
  3. The fields from the selected object are presented in the left column and CyberSource custom fields are in the right.
  4. Map the fields you require and push Save button:


One Chargent Order object field can be mapped multiple times to different CyberSource custom fields.

The mapped fields will be sent in “Authorize” and “Charge” requests:


On the CyberSource side the fields are shown on the detailed transaction description page:


You have now completed the integration of Salesforce and the CyberSource Payment Gateway using Chargent. You can begin processing one-time or recurring credit card and ACH payments through CyberSource directly from Salesforce.

If you need help or have questions, please contact us.